Helping You Learn and Leverage Computer Networking

IP ID’ed

So, what is this IP address that everyone talks about? An IP address is a number that identifies each computer (strictly, each network interface) on the internet; it has to be unique on the network it sits on. It works like a street address for your computer: other computers use it to know where to send data when they want to talk to you, and the network uses it to work out which streets (routes) lead from one computer to another.

Dynamic vs Static

IPs are usually assigned automatically by a server when you connect to a network. An address assigned this way is called a dynamic IP address, and the protocol used to hand it out is DHCP (Dynamic Host Configuration Protocol). DHCP lets computers move between networks easily because the address is leased for a limited time and replaced automatically when the lease expires or the computer joins a different network. A static IP address is often used on printers, servers, and other equipment that doesn't move around much. Static addresses are configured by hand on the system and stay fixed until someone changes them.

Two Versions of IP

Currently there are two versions of IP in use: IP version 4 (IPv4) and IP version 6 (IPv6). Both serve the same purpose, are subnetted with the same prefix-based scheme, and are routed the same way. The main reason IPv6 exists is that the internet became so popular that the roughly four billion IPv4 addresses have effectively been used up. IPv6 deals with this by having a vastly larger address space: 128-bit addresses instead of 32-bit ones.

IPv4 Quick Breakdown

IPv4 is what most of the internet uses today and is most likely what you are using right now. It is written as four numbers separated by periods (dotted-decimal notation), so an IPv4 address looks something like 192.168.1.1 or 10.20.30.40. Each of the four numbers is between 0 and 255, because each one represents a single byte of the 32-bit address.

IPv6 Quick Breakdown

IPv6 is the newer IP system the internet is moving to. Only some sites support IPv6 right now, but more are adding support every day. An IPv6 address consists of eight groups of four hexadecimal digits separated by colons. For reference, hex digits run from "0" through "F", where "F" represents the value 15. So an IPv6 address looks something like 2607:f298:0001:0107:0000:0000:0fe1:39bb.

You may have noticed right away that this is obnoxiously long. To help with that, there are two shorthand rules for IPv6. First, leading zeros in a four-digit group can be dropped (so 0001 can be written as 1). Second, one run of consecutive all-zero groups can be collapsed and written as "::" (so ":0000:0000:" becomes "::"). This second trick can only be used once in a given address; otherwise there would be no way to tell how many groups each "::" stands for. So the address above can be shortened to 2607:f298:1:107::fe1:39bb, which helps a little.

The End

IP addresses are a simple concept (one machine, one number) but there is a lot more to understand about how IPs are structured and used in networking. Hopefully this quick outline helped you get a grounded understanding of what IP addresses are. If you have any questions drop them in the comments so we can help!

There are lots of specialized networking devices in the world today. If you look hard enough you can find a device specialized for any networking task. In this article I want to ignore the obscure, uncommon, and obsolete devices and cover just five major devices that are used in the modern LAN.

Hub, Switch, Router, Firewall, WAP

So what hardware will I find when I go looking around the network? What are the most common network devices I should learn about to get started in networking? Here are the top five network devices you will need to know and love if you are going to work on a network:

Hub

Switch

Router

Firewall

Wireless Access Point

The Hub

I have to be honest here: the hub is old-school technology and not really used in modern networks. I've included it because you may still run into one occasionally, and because the switch (next section) is easier to understand if you know what a hub is.

A hub is a device that simply repeats whatever it receives on one interface out all of its other interfaces. So if a frame arrives on interface 1 of an 8-port hub, the hub blindly copies it out interfaces 2 through 8. Every device on a hub therefore sees every other device's traffic, which is also why hubs are a bad idea from a security standpoint: anyone plugged into one can sniff all of it.

This was useful in the early days. It was a cheap and quick way to link up multiple computers. The problem with hubs, though, is that only one computer can talk at a time. If two computers talked at the same time, their traffic would get combined as it was echoed out the other interfaces. This is called a collision, and it corrupts the data being transmitted by both computers, so each computer has to try again after a random delay. This becomes a real problem when the network gets busy or when more than a handful of computers are on it. A switch solves the collision issue.

The Switch

A switch is the device most likely on the other side of the cable your computer is plugged into. In many respects it looks the same as a hub, but it differs in one key way: a switch only repeats traffic out the ports that need it rather than out all of its ports.

Switches come in lots of different shapes and sizes, depending on how much horsepower you need. The most common network switch is only 1U tall and is shaped kind of like a pizza box. On the front of the switch will usually be 24 to 48 Ethernet ports plus a couple of special ports that can be configured to use copper, fiber, or serial connections. Switches have so many ports because their main job is to connect client computers to the network.

A switch can decide which port to forward a frame out of because it listens to the frames it receives on each port and notes the source MAC address in each one. By learning which port each MAC address lives on, it can forward a frame to that one port rather than to all of them. A frame whose destination MAC has not been learned yet (and any broadcast frame) is still flooded out every port except the one it arrived on, exactly as a hub would do. This one simple change has made a huge difference in the networking world; it has enabled networks to run as quickly as they do and to scale as large as they have. For more detail on switches check out this article discussing the differences between them and routers.
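The learning behaviour just described is also the switch's main weakness, and it is worth seeing both in one place. The following is an added example, not code from the original post: a small model of a learning switch with a MAC table of limited size, first carrying a normal conversation between two hosts and then being hit by an attacker who sends frames from a hundred forged source addresses. The table size of four and the MAC addresses are constructed for the demo; a real switch holds thousands of entries, but the outcome is the same once the table fills. One simplification is labelled in the code: this model evicts the least recently used entry when full, whereas a real CAM table refuses to learn new addresses until old ones age out.

```python
from collections import OrderedDict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Model of a learning switch with a bounded MAC address table."""

    def __init__(self, num_ports: int, table_size: int):
        self.num_ports = num_ports
        self.table_size = table_size
        self.mac_table = OrderedDict()  # MAC -> port, least recently used first

    def learn(self, mac: str, port: int) -> None:
        """Record which port a source MAC was last seen on."""
        if mac in self.mac_table:
            self.mac_table.move_to_end(mac)
        elif len(self.mac_table) >= self.table_size:
            # Assumption for brevity: evict the LRU entry. A real CAM table instead stops
            # learning until entries age out; either way the legitimate hosts lose their slot.
            self.mac_table.popitem(last=False)
        self.mac_table[mac] = port

    def forward(self, src: str, dst: str, in_port: int) -> list:
        """Return the list of ports a frame arriving on in_port is sent out of."""
        self.learn(src, in_port)
        if dst == BROADCAST or dst not in self.mac_table:
            # Unknown destination: flood like a hub, every port except the ingress one.
            return [p for p in range(1, self.num_ports + 1) if p != in_port]
        out_port = self.mac_table[dst]
        return [] if out_port == in_port else [out_port]


def mac_flood_demo(table_size: int = 4) -> dict:
    """Two hosts talk normally, then an attacker on port 8 floods forged source MACs."""
    sw = LearningSwitch(num_ports=8, table_size=table_size)
    host_a, host_b = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"   # constructed addresses
    first = sw.forward(host_a, BROADCAST, in_port=1)          # A's ARP request is flooded
    sw.forward(host_b, host_a, in_port=2)                     # B replies; both are now learned
    before = sw.forward(host_a, host_b, in_port=1)            # unicast A -> B goes to port 2 only
    for i in range(100):                                      # attacker: 100 forged source MACs
        sw.forward(f"de:ad:be:ef:00:{i:02x}", BROADCAST, in_port=8)
    after = sw.forward(host_a, host_b, in_port=1)             # same unicast A -> B afterwards
    return {
        "first_broadcast": first,
        "unicast_before": before,
        "unicast_after": after,
        "table_still_knows_b": host_b in sw.mac_table,
    }
```

Before the flood, `unicast_before` is `[2]`: only host B's port sees the frame. After the flood the table is full of the attacker's addresses, host B is no longer known, and the same frame is flooded to every port including the attacker's, so a switch under MAC flooding degrades into the hub described in the previous section. The usual counter is port security on managed switches: cap the number of MAC addresses a port may learn and shut it down or drop frames when the cap is exceeded.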

The Router

The router is the workhorse of the internet. A router works like a traffic light between networks, controlling the flow of data from one to another. Without routers there would be no Internet. You could connect a few computers together in a building, but not much beyond that.

Routers typically have fewer physical ports than switches. They also have a wider variety of ports, including Ethernet, fiber, ISDN, serial, modem, and so on. Modern routers usually accept "blades" or modules that add different types of ports. They are designed this way because their job is to connect different types of networks together, so they need the right kind of interface for each network they will connect to.

A router works by looking at the destination IP address of each packet, comparing it against the networks in its routing table (using each route's subnet mask to decide whether the address falls inside that network), and then deciding based on the best match whether to forward the packet out one of its interfaces to another router, deliver it directly to the destination computer on a connected network, or drop it altogether because no route fits. If the packet is forwarded to another router, that router repeats the decision. This happens over and over until the packet reaches its destination. Each hand-off to another router is called a "hop". Every router also decrements the packet's TTL (time to live) by one and discards the packet, sending back an ICMP error, when it reaches zero; that is what the traceroute (or tracert, depending on your OS) command line tool relies on to show you each router on the path. You will see a response from each router your packets pass through if you issue a command like:

# Most Windows computers
tracert www.computernetworkbasics.com

# Unix/Linux/OSX computers
traceroute www.computernetworkbasics.com
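The forwarding decision described above (match the destination against the routing table, prefer the most specific route, forward, deliver on-link, or drop) is short enough to write out. The following is an added example, not code from the original post: a router with a few constructed routes that picks the longest matching prefix for each destination, decrements the TTL, and drops packets that have no route or whose TTL has run out, which is the behaviour traceroute provokes on purpose. All addresses and interface names are made up for the demo.

```python
import ipaddress
from typing import Optional


class Router:
    """Forwarding decision for a router with directly connected networks and static routes."""

    def __init__(self):
        self.routes = []  # (network, next_hop or None if directly connected, outgoing interface)

    def add_route(self, prefix: str, iface: str, next_hop: Optional[str] = None) -> None:
        self.routes.append((ipaddress.ip_network(prefix), next_hop, iface))

    def lookup(self, dst: str):
        """Longest prefix match: the most specific route that contains dst wins."""
        dst_ip = ipaddress.ip_address(dst)
        best = None
        for net, next_hop, iface in self.routes:
            if dst_ip in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, next_hop, iface)
        return best

    def decide(self, dst: str, ttl: int) -> dict:
        """What happens to one packet: forwarded to a neighbour, delivered on-link, or dropped."""
        if ttl <= 1:
            # TTL would hit zero after this hop: discard and (in reality) send ICMP Time Exceeded.
            return {"action": "drop", "reason": "ttl exceeded"}
        route = self.lookup(dst)
        if route is None:
            return {"action": "drop", "reason": "no route"}
        net, next_hop, iface = route
        if next_hop is None:
            return {"action": "deliver", "iface": iface, "to": dst, "ttl": ttl - 1}
        return {"action": "forward", "iface": iface, "to": next_hop, "ttl": ttl - 1}


def build_demo_router() -> Router:
    """Constructed routing table: a LAN, a corporate WAN, a more specific branch, and a default."""
    r = Router()
    r.add_route("192.168.1.0/24", "eth0")                           # directly connected LAN
    r.add_route("10.0.0.0/8", "eth1", next_hop="10.255.0.1")        # corporate WAN via a neighbour
    r.add_route("10.20.0.0/16", "eth2", next_hop="10.20.0.254")     # more specific: wins for 10.20.x.x
    r.add_route("0.0.0.0/0", "eth3", next_hop="203.0.113.1")        # default route towards the ISP
    return r
```

The point worth noticing is the `10.20.0.0/16` route: a packet for 10.20.30.40 matches both it and `10.0.0.0/8`, and the router takes the longer prefix. Attackers who can inject routes (or hijack a prefix on the internet) exploit exactly this rule by announcing a more specific prefix than the legitimate owner.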

The Firewall

A firewall is a security device designed to filter traffic entering or leaving your network. Most firewalls today are at least "layer 4" devices, meaning they can make decisions based on TCP and UDP port numbers (and, if they are stateful, on the state of a connection) in addition to IP addresses. Because a firewall can block specific network ports, it is most often used to keep inbound attacks away from your systems, so firewalls typically sit at the edges of a network. The same filtering works in the outbound direction and is worth using: a compromised host is much less useful to an attacker if it cannot reach the internet on arbitrary ports.

You can, for example, use a firewall to allow HTTP traffic to your web server from the internet and deny everything else to it. That way you prevent unauthorized people from SSHing or using Remote Desktop to get into the web server, while still letting the world reach the web content you want to host on it. The safest way to write such a policy is to list what is allowed and make "deny" the default for anything not listed.

Firewalls typically come as a 1U to 4U tall device with only three or four network ports. They only need a few ports because you don't connect lots of client computers to them as you would to a switch; instead, traffic is aggregated and then sent through the firewall.

Newer firewalls are called layer 7 (application-layer) firewalls. They look deeper into the packets, at the application data itself, and try to identify which protocol or application is inside regardless of which port it is using. This matters because a port-based rule only sees the port number: a service deliberately run on port 80, or an attacker tunnelling something else over it, looks like web traffic to a layer 4 firewall.
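To make the web server policy from above and the layer 4 versus layer 7 distinction concrete, here is an added example, not code from the original post: a first-match rule evaluator with a default deny, the web server policy written as rules, and a second decision function that additionally checks that whatever is going to port 80 at least looks like HTTP. The addresses, the management network 10.0.0.0/8 that is allowed to SSH in, and the "looks like HTTP" test are all assumptions for the demo; a real application-layer engine classifies traffic far more thoroughly and tracks whole connections rather than single packets.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    proto: str          # "tcp" or "udp"
    dst_port: int
    payload: bytes = b""


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    proto: Optional[str] = None      # None matches any protocol
    dst_port: Optional[int] = None   # None matches any destination port
    src: Optional[str] = None        # CIDR of permitted sources; None matches any source

    def matches(self, pkt: Packet) -> bool:
        if self.proto is not None and self.proto != pkt.proto:
            return False
        if self.dst_port is not None and self.dst_port != pkt.dst_port:
            return False
        if self.src is not None and ipaddress.ip_address(pkt.src_ip) not in ipaddress.ip_network(self.src):
            return False
        return True


def layer4_decision(rules: List[Rule], pkt: Packet, default: str = "deny") -> str:
    """First matching rule wins; anything not explicitly allowed falls through to the default."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ")


def looks_like_http(payload: bytes) -> bool:
    """Crude application check (assumption: good enough for the demo, nowhere near a real DPI engine)."""
    return payload.startswith(HTTP_METHODS)


def layer7_decision(rules: List[Rule], pkt: Packet) -> str:
    """Same rules, plus a look inside: traffic allowed on port 80 must actually carry HTTP."""
    decision = layer4_decision(rules, pkt)
    if decision == "allow" and pkt.dst_port == 80 and not looks_like_http(pkt.payload):
        return "deny"
    return decision


# The web server policy from the text: HTTP and HTTPS from anywhere, SSH only from an
# assumed internal management network, and everything else (RDP included) denied by default.
WEB_SERVER_RULES = [
    Rule("allow", proto="tcp", dst_port=80),
    Rule("allow", proto="tcp", dst_port=443),
    Rule("allow", proto="tcp", dst_port=22, src="10.0.0.0/8"),
]
```

The interesting packet is the one carrying an SSH banner to port 80: `layer4_decision` allows it because the port is right, and only `layer7_decision` notices that it is not web traffic. That is the whole argument for application-layer inspection at the edge, and also the reason port-based rules should be treated as a coarse first filter rather than a guarantee about what is flowing.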

The Wireless Access Point

Wireless access points (AP or WAP for short), like switches, are primarily focused on connecting client computers to the network, in this case using short-range radio. As of this writing you can get access points that operate using various standards, including 802.11b, 802.11g, 802.11a, 802.11n, and 802.11ac. These standards run in either the 2.4 GHz or 5 GHz frequency band and differ in transmit speed and in which encryption options (WEP, WPA, WPA2) they support; note that WEP is broken and should not be used on any AP that still offers it.

Wireless APs come in various shapes and sizes, some with lots of antennas on them and others with the antennas built into the shell of the AP. They are typically the size and shape of a thick hardbound novel and are designed to mount on walls or on a drop ceiling. Most enterprise wireless APs connect to the network through an Ethernet port. They are typically powered through that same Ethernet port using a technology called Power over Ethernet (PoE). With PoE you don't have to run power to the location you want an AP in, just a data port.

The Conclusion

These five devices (the hub, switch, router, firewall, and wireless AP) make up the vast majority of the network equipment in any given LAN out there. There are other devices you will see, like modems, CSU/DSUs, transceivers, transponders, bridges, taps, GBICs, SFPs, etc.

Don't worry about that other stuff right now. You can learn about each of those devices as the need arises. Right now, as you learn about networking, focus on the five devices mentioned in this article. A good area to focus on next would be the differences between routers and switches.

The Value of U

U (or RU) stands for rack unit. 1U is 1.75 inches, a standardized height for equipment designed to be mounted in data or audio/video racks.

A standard 24 or 48 port network switch will typically come as a 1U device, meaning that it will be 1.75 inches tall so it will fit into a single U slot. Larger switches, routers, UPS equipment, etc. will come in multiple U sizes. A UPS, for example, may have a body that is 4U so that it can accommodate the batteries that go inside it. Or a large modular switch may take up 15U.

The Rack and U

Height

Racks come in different heights. A full rack is normally 42U, so it can hold up to 42 1U devices and stands a little over 6 feet tall. You can also get half-size racks of around 22U if you want something the size of a small desk filing cabinet. There are even smaller racks that hold only 2U to 10U. These are normally wall-mounted and are used for small distribution points where only a handful of data cables terminate.

Half-Rack vs U

Sometimes you will see equipment described as something like "a 5U half-rack form factor". What is being said here is that the device, whatever it is, will be 5U tall but will only use up half of the 19-inch width of the rack. So "half-rack" here refers to the width of the device, not its height.

The Holes

Racks usually come with either threaded holes or square holes. Threaded holes are still common in 2-post data-closet racks, while square holes are more common in 4-post server racks. When it comes to "U", though, the type of hole doesn't matter much, but the layout of the holes does. Both threaded and square-holed racks share the same hole layout, so the following points apply to both.

If you look closely at the holes in a data rack you will notice a pattern: two holes close together, one hole by itself, then two holes close together again. At least, that is how I saw the pattern. A "U" in the rack begins between two close-together holes, runs past the hole by itself, and ends between the next two close-together holes. I can't tell you how annoying it is to come across equipment mounted straddling the boundary between two U. The equipment doesn't screw in correctly, so it isn't secured well, and it eats up two precious "U" when it should only be using one. So be good and mount equipment the correct way in your racks!

Well, that was short and sweet! Do you have any other questions about U or racks? Drop the question into the comments so it can get some love and attention.

A good friend of mine, Joe Wollard, an excellent programmer and technician, and I worked on an application together called whichSwitch. It is an application that is simple in concept, but after years of waiting around for someone else to make it, Joe and I decided to just make it ourselves.

What is whichSwitch


Basically, whichSwitch is a user-friendly application that detects and displays CDP and LLDP packets. CDP and LLDP are protocols used by most enterprise network devices to advertise themselves, so that administrators can see which pieces of equipment are directly plugged into each other, on what ports, on what VLANs, etc. Since I started working in the networking field I have leveraged CDP and LLDP countless times.

So, if you want to know what port, and on what switch, a given computer connects, whichSwitch will tell you. You can see more detail on whichSwitch and its features on the whichSwitch documentation page if you're interested, or you can head over to the download page and get a copy. If you are still a little confused by the jargon or don't really see why this ability would be useful, check out the following examples to give you an idea of how I use whichSwitch.
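To show what an application like this is actually doing when it "detects and displays" an LLDP packet, here is an added example that is not part of whichSwitch or the original post: it builds a constructed LLDP frame of the kind an access switch sends every thirty seconds or so and parses the TLVs back into the switch name, port, TTL and VLAN. The frame contents (switch MAC 00:11:22:33:44:55, port Gi1/0/12, VLAN 20, the descriptions) are made up; only the handful of TLV types shown are decoded, and `bytes.hex(":")` needs Python 3.8 or later.

```python
import struct

LLDP_MULTICAST_MAC = "01:80:c2:00:00:0e"
ETHERTYPE_LLDP = 0x88CC
IEEE_8021_OUI = b"\x00\x80\xc2"   # organisationally specific TLVs from IEEE 802.1 (port VLAN ID is subtype 1)
TLV_END, TLV_CHASSIS_ID, TLV_PORT_ID, TLV_TTL = 0, 1, 2, 3
TLV_PORT_DESC, TLV_SYS_NAME, TLV_SYS_DESC, TLV_ORG = 4, 5, 6, 127
STRING_TLVS = {TLV_PORT_DESC: "port_description", TLV_SYS_NAME: "system_name", TLV_SYS_DESC: "system_description"}


def build_tlv(tlv_type: int, value: bytes) -> bytes:
    """A TLV header is 16 bits: 7-bit type followed by 9-bit length."""
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value


def build_sample_frame() -> bytes:
    """Constructed frame in the shape an access switch advertises (not a real capture)."""
    switch_mac = bytes.fromhex("001122334455")
    tlvs = (build_tlv(TLV_CHASSIS_ID, b"\x04" + switch_mac)                 # chassis ID subtype 4 = MAC address
            + build_tlv(TLV_PORT_ID, b"\x05" + b"Gi1/0/12")                  # port ID subtype 5 = interface name
            + build_tlv(TLV_TTL, struct.pack("!H", 120))                     # seconds the neighbour entry stays valid
            + build_tlv(TLV_SYS_NAME, b"access-sw-01")
            + build_tlv(TLV_PORT_DESC, b"Room 204 wall jack A")
            + build_tlv(TLV_ORG, IEEE_8021_OUI + b"\x01" + struct.pack("!H", 20))   # port VLAN ID = 20
            + build_tlv(TLV_END, b""))
    dst = bytes.fromhex(LLDP_MULTICAST_MAC.replace(":", ""))
    return dst + switch_mac + struct.pack("!H", ETHERTYPE_LLDP) + tlvs


def parse_lldp(frame: bytes) -> dict:
    """Walk the TLV list of an LLDP frame and return the fields an admin cares about."""
    if len(frame) < 14 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_LLDP:
        raise ValueError("not an LLDP frame")
    info, pos = {}, 14
    while pos + 2 <= len(frame):
        header = struct.unpack("!H", frame[pos:pos + 2])[0]
        tlv_type, length = header >> 9, header & 0x1FF
        value = frame[pos + 2:pos + 2 + length]
        if len(value) != length:
            raise ValueError("truncated TLV")   # never trust a length field past the end of the buffer
        pos += 2 + length
        if tlv_type == TLV_END:
            break
        if tlv_type == TLV_CHASSIS_ID and value:
            info["chassis_id"] = value[1:].hex(":") if value[0] == 4 else value[1:].decode(errors="replace")
        elif tlv_type == TLV_PORT_ID and value:
            info["port_id"] = value[1:].hex(":") if value[0] == 3 else value[1:].decode(errors="replace")
        elif tlv_type == TLV_TTL and length >= 2:
            info["ttl"] = struct.unpack("!H", value[:2])[0]
        elif tlv_type in STRING_TLVS:
            info[STRING_TLVS[tlv_type]] = value.decode(errors="replace")
        elif tlv_type == TLV_ORG and value[:4] == IEEE_8021_OUI + b"\x01" and length >= 6:
            info["port_vlan_id"] = struct.unpack("!H", value[4:6])[0]
    return info
```

Capturing the real thing means listening for Ethertype 0x88CC on the interface (or, for CDP, SNAP-encapsulated frames to 01:00:0c:cc:cc:cc), which takes raw-socket or pcap privileges; the parsing is the easy part. Keep in mind that LLDP and CDP are unauthenticated and sent to whoever is listening: anyone with a laptop on a jack learns the same switch name, port and VLAN you do, which is handy for troubleshooting and equally handy for an attacker mapping your network. That is why these protocols are usually disabled on ports facing untrusted users.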

How I use whichSwitch

Printer Problems

Oddly, CDP and LLDP seem to be really useful when troubleshooting printer problems. I think it is because people often configure ports in a special way for printers, be it the port speed or duplex, or a VLAN that is reserved for printers in your setup, and so on. This goes for any specialty device that connects to a network; printers are just the most common example.

Inevitably, someone rearranges their office and plugs the printer back into the wrong port in the room. All that is mentioned to you, of course, is that "the printer is broken". In this case you can use whichSwitch to check the CDP and LLDP packets on the port the printer is connected to and quickly figure out that it is on a port that isn't configured the way the printer needs. This is especially helpful if the ports in question aren't labeled or are behind a filing cabinet or cubicle wall where you can't directly see them.

Non-network People Use it Too

A tech may already be out working on a computer. Rather than passing a ticket to me to log into the network equipment and follow up, the technician can figure out what port, VLAN, etc. the computer is connected to and call in with answers to all the questions they know I'm going to ask, so I can help them out right then. Win-win. They get to solve the problem on the spot, the client can get back to what they wanted to do, and I can get back to project work that will make the network even more awesome than it already is.

Document an Existing Network

One use for whichSwitch that is really nice is the semi-automated way you can use it to audit data ports. At a University that I worked at for some time we would send student workers out every summer to check that the data ports in the dorm rooms were not damaged and document where the port label on the wall connected into the network.

At the time we didn’t have whichSwitch, but I can see how useful it would be in this scenario. Basically, you can take a laptop running whichSwitch into a room, start a session, then plug the cable into each port in that room, one at a time, until a CDP packet is found on each port. Once you have the room done, stop the session, rename it to the room number, then repeat for the next room.

Keep My Blood Pressure Down

Seriously! In the past, I would use Fluke LinkRunners for identifying ports. These are network cable testing and identification devices. Really nice devices actually, and they did the job well. That wasn't the problem. The problem was twofold.

I inevitably wouldn’t have a Link-Runner on me when I needed it.

Whenever I did have it with me the batteries would somehow be dead.

Now, being a respectable geek, I’m rarely ever without my laptop or its power adapter! So having an application that could do this critical task for me was a clear move in the right direction. So… problem solved and my blood pressure remains low.

Conclusion

Seriously though, go grab a copy and let me know what you think. Does it work on your network? What could we do to the application to help improve your life and simplify your workflow? Or better yet, what other applications have you been looking for that you just can’t find?

So… How Does DHCP Work?

I'm glad you asked. Let's not get too bogged down in the technical details, but rather take a high-flying look at how DHCP works and do a few dives down to help with understanding. The overall conceptual process for DHCP is straightforward:

New computer on the network asks “what IP can I use on this network?”

DHCP server sees this request and picks an IP for the computer to use

DHCP server tells the computer the IP it should use as well as some additional information about how to use that IP.

Not much to it really. On the wire it is actually four messages, often remembered as DORA: the client's Discover, the server's Offer, the client's Request for the offered address, and the server's Acknowledgement. For large or complex networks DHCP gets more complicated than this, but by and large this is all that happens when you connect a computer to a network using DHCP. Now let's dive in and look a little closer at each step.

Computer Asks for IP Address

When a computer boots up (or connects to a network) it asks the network for an IP address. It does this by sending a broadcast packet that is copied to every device on its section of the network. The broadcast contains the computer's MAC address and a request asking anyone who will answer what IP address it should use. A DHCP server sees this request and responds. Note that nothing in this exchange is authenticated: the client accepts whichever server answers first, so a rogue DHCP server on the same segment can hand out its own address as the default gateway or DNS server and intercept the client's traffic. Managed switches counter this with DHCP snooping, which drops DHCP server replies that arrive on ports not marked as trusted.

A quick note on how this works in small networks versus large ones. In a small network all the computers, including the DHCP server, are normally on the same network segment, so the broadcast requests the clients send out are heard by the DHCP server directly and answered directly.

In a large network, computers are spread across many different network segments (subnets), and often there are only one or two DHCP servers for the entire network. A router on each subnet is configured to listen for DHCP requests and forward them to a DHCP server. The router is called a "relay agent" or "helper" in this role. When the DHCP server gets the forwarded request it looks at the address of the relaying router (carried in the giaddr field of the message) to figure out which subnet the client is on, and uses the part of its configuration for that subnet to decide what IP to hand out.

Picking an IP for a Computer

DHCP servers spend most of their time sitting around patiently waiting for DHCP requests. When one arrives, the server takes the MAC address in the request, runs it through a couple of checks, and then assigns it an IP. The checks it does are:

Have I already given this MAC address an IP?

Does this MAC address have an IP reserved for it?

What “pools” of IP’s do I have available to pull from for this MAC?

I give up.

Have I already given this MAC address an IP?

Here the server checks the list of IP assignments it has already given out to see if the MAC address from the requester is in it. If it is, the server hands the computer the same IP it had before. An example where this happens a lot is a laptop on wireless.

Let's say a laptop has already gotten an IP from the server, then you put it to sleep by closing the lid for a few minutes. When you wake it back up it doesn't know whether it is on the same network as before, so it asks the DHCP server for an address again. The server sees that it assigned an address to that computer ten minutes ago and assigns the same address again.

Does this MAC address have an IP reserved for it?

On a DHCP server you can normally “reserve” an IP address for a specific MAC address. So whenever that MAC address shows up in a request for an IP the server will assign it the same IP every time. Printers are a great example of when you would use this feature.

You can configure the DHCP server to always give a printer the same IP address, then configure the printer to use DHCP when it boots up. Now the printer gets the same IP every time without any static configuration on the printer itself, which makes printers easier to maintain.

What “pools” of IP’s do I have available to pull from for this MAC?

Lastly, the DHCP server looks at the pools of IP addresses it has and assigns a free one from the appropriate pool. A pool is just a range of IPs you configure on the DHCP server for it to hand out. Addresses assigned from a pool are leased for a limited time and expire if the computer using the address doesn't check back in to renew. When a lease expires the server assumes the address is free again, returns it to the pool, and may assign it to the next computer that comes along looking for an IP.

Then it gives up

If the MAC requesting an IP hasn't already been assigned one, doesn't have a reservation, and all the IPs in the available pools have been used, the server basically gives up and doesn't answer, leaving it to some other DHCP server (if there is one). Computer, you are on your own now.

DHCP Server Responds with IP and Additional Info (If Configured)


If the DHCP server doesn't have to resort to the "give up" step, it picks an IP for the requesting client and sends it back. Along with the IP, the DHCP server can send additional information like the subnet mask, default gateway, a list of DNS servers, vendor-specific information (used by VoIP and wireless systems), and more. These extra pieces of information are called "options".

The subnet mask, default gateway, and DNS options are used all the time. In fact DHCP is pretty useless without them, because an address alone gives you only about a quarter of what you need to actually use the network. Vendor-specific options are used far less often, infrequently enough that some DHCP server software can't even handle them (cough... Apple... cough, I'm looking at you).

At some point in the future I'll talk more about vendor-specific options. Right now it is enough to know that they exist and are used to send special configuration information to specialty equipment, like telling a VoIP phone the IP of the VoIP server, or a wireless access point (AP) the IP of the controller it should talk to.
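The whole process described in this article, from the Discover broadcast through the server's three checks (existing lease, reservation, pool) to the Acknowledgement carrying the mask, gateway and DNS options, fits in one runnable model. The following is an added example, not code from the original post or from any DHCP implementation: it encodes and decodes real DHCP message layout (the fixed BOOTP header, the magic cookie, and the type/length/value options) and runs a tiny server through a constructed scenario with a two-address pool, a reserved printer, and a laptop that asks twice. Addresses, MACs and the one-hour lease are made up; the server skips things a real one does, such as lease ageing, duplicate-address checks and answering from a relay's giaddr.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"
BOOTREQUEST, BOOTREPLY = 1, 2
# Standard option codes and message types from the DHCP option space.
OPT_SUBNET, OPT_ROUTER, OPT_DNS, OPT_REQ_IP, OPT_LEASE, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 1, 3, 6, 50, 51, 53, 54, 255
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5
# op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr, giaddr, chaddr, sname, file (236 bytes)
HEADER_FMT = "!BBBBIHH4s4s4s4s16s64s128s"


def encode_options(opts: dict) -> bytes:
    body = b"".join(bytes([code, len(val)]) + val for code, val in opts.items())
    return body + bytes([OPT_END])


def decode_options(buf: bytes) -> dict:
    opts, i = {}, 0
    while i < len(buf) and buf[i] != OPT_END:
        if buf[i] == 0:                       # pad option: one byte, no length field
            i += 1
            continue
        code, length = buf[i], buf[i + 1]
        opts[code] = buf[i + 2:i + 2 + length]
        i += 2 + length
    return opts


def build_message(op: int, xid: int, chaddr: bytes, yiaddr: str, giaddr: str, opts: dict) -> bytes:
    header = struct.pack(HEADER_FMT, op, 1, len(chaddr), 0, xid, 0, 0x8000, b"\0" * 4,
                         ipaddress.IPv4Address(yiaddr).packed, b"\0" * 4, ipaddress.IPv4Address(giaddr).packed,
                         chaddr.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    return header + MAGIC_COOKIE + encode_options(opts)


def parse_message(data: bytes) -> dict:
    f = struct.unpack(HEADER_FMT, data[:236])
    if data[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    opts = decode_options(data[240:])
    return {"op": f[0], "xid": f[4], "yiaddr": str(ipaddress.IPv4Address(f[8])),
            "giaddr": str(ipaddress.IPv4Address(f[10])), "chaddr": f[11][:f[2]],
            "type": opts[OPT_MSG_TYPE][0], "options": opts}


class DhcpServer:
    def __init__(self, subnet, server_ip, router, dns, pool_start, pool_end, reservations=None):
        self.net = ipaddress.ip_network(subnet)
        self.server_ip, self.router, self.dns = server_ip, router, dns
        first, last = int(ipaddress.IPv4Address(pool_start)), int(ipaddress.IPv4Address(pool_end))
        self.free = [str(ipaddress.IPv4Address(i)) for i in range(first, last + 1)]
        self.reservations = reservations or {}   # chaddr -> fixed IP
        self.offered, self.leases = {}, {}        # chaddr -> IP

    def pick(self, chaddr: bytes):
        for table in (self.leases, self.reservations, self.offered):   # the checks from the text, in order
            if chaddr in table:
                return table[chaddr]
        return self.free.pop(0) if self.free else None                  # pool exhausted: give up

    def handle(self, data: bytes):
        msg = parse_message(data)
        if msg["type"] not in (DISCOVER, REQUEST):
            return None
        ip = self.pick(msg["chaddr"])
        if ip is None:
            return None                                                 # stay silent, as the text says
        if msg["type"] == DISCOVER:
            self.offered[msg["chaddr"]] = ip
            reply = OFFER
        else:
            self.leases[msg["chaddr"]] = self.offered.pop(msg["chaddr"], ip)
            reply = ACK
        opts = {OPT_MSG_TYPE: bytes([reply]),
                OPT_SERVER_ID: ipaddress.IPv4Address(self.server_ip).packed,
                OPT_LEASE: struct.pack("!I", 3600),                      # assumed one-hour lease
                OPT_SUBNET: self.net.netmask.packed,
                OPT_ROUTER: ipaddress.IPv4Address(self.router).packed,
                OPT_DNS: b"".join(ipaddress.IPv4Address(d).packed for d in self.dns)}
        return build_message(BOOTREPLY, msg["xid"], msg["chaddr"], ip, msg["giaddr"], opts)


def dora(server: DhcpServer, chaddr: bytes, xid: int = 0x3903F326):
    """Run Discover/Offer/Request/Ack for one client; None if the server stays silent."""
    discover = build_message(BOOTREQUEST, xid, chaddr, "0.0.0.0", "0.0.0.0", {OPT_MSG_TYPE: bytes([DISCOVER])})
    offer_raw = server.handle(discover)
    if offer_raw is None:
        return None
    offer = parse_message(offer_raw)
    request = build_message(BOOTREQUEST, xid, chaddr, "0.0.0.0", "0.0.0.0",
                            {OPT_MSG_TYPE: bytes([REQUEST]),
                             OPT_REQ_IP: ipaddress.IPv4Address(offer["yiaddr"]).packed,
                             OPT_SERVER_ID: offer["options"][OPT_SERVER_ID]})
    ack = parse_message(server.handle(request))
    o = ack["options"]
    return {"ip": ack["yiaddr"], "mask": str(ipaddress.IPv4Address(o[OPT_SUBNET])),
            "router": str(ipaddress.IPv4Address(o[OPT_ROUTER])),
            "dns": [str(ipaddress.IPv4Address(o[OPT_DNS][i:i + 4])) for i in range(0, len(o[OPT_DNS]), 4)],
            "lease_seconds": struct.unpack("!I", o[OPT_LEASE])[0]}


def demo() -> dict:
    """Constructed scenario: two-address pool, a printer reservation, a laptop that sleeps and wakes."""
    server = DhcpServer("192.168.1.0/24", "192.168.1.1", "192.168.1.1", ["192.168.1.1", "192.168.1.2"],
                        "192.168.1.100", "192.168.1.101", reservations={bytes.fromhex("00aabb000099"): "192.168.1.50"})
    laptop, phone, tablet, printer = (bytes.fromhex(h) for h in ("0011aabbcc01", "0011aabbcc02", "0011aabbcc03", "00aabb000099"))
    return {"laptop": dora(server, laptop), "phone": dora(server, phone),
            "tablet": dora(server, tablet),          # pool exhausted: the server gives up
            "printer": dora(server, printer),        # reserved address, unaffected by the empty pool
            "laptop_again": dora(server, laptop)}    # existing lease is handed back unchanged
```

`demo()` returns the ACK summary for each client: the laptop and phone get the two pool addresses, the tablet gets nothing, the printer gets its reserved 192.168.1.50 even though the pool is empty, and the laptop asking again gets its original address back. Notice what the client trusts in the ACK: the router and DNS options come from whoever answered. A rogue server that answers first can point both at itself, which is the attack DHCP snooping on the switch is meant to stop.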

Conclusion

DHCP isn't rocket science, but, as its name suggests, the language around the process can be full of acronyms and jargon. When you pull all that jargon out it's clear that DHCP is no more complex than a computer yelling out for an IP and an IP delivery man responding with a nice shiny new IP to be used.

Did this article help you understand DHCP? Sign up for our newsletter using the right side bar to get content like this sent directly to your inbox. Also, let me know what you thought of this article in the comments. I would love to hear your constructive feedback.

Fiber-optic cable is literally made of glass. Crazy, I know! But because of this, the cable can be pretty delicate. So here are five handling tips for fiber patch cables that will help you keep your cables in good working order.

Bend Radius


The "bend radius" of a cable is the term for how sharply a cable can safely bend at any given point. All cabling has a bend radius, and it can be different for each type and make. I'm here to simplify these things for you, so I'm going to give you a rule of thumb rather than a detailed specification.

So, here is your rule of thumb: don't let a fiber cable bend at any point with a radius less than ten times the diameter of the cable. For a normal fiber patch cable that means no sharper than if it were wrapped around a tennis ball.

If you bend the fiber cable more sharply than that you can run into a couple of issues.

The glass in the cable could crack or shatter, scattering (reflecting and refracting) the light running through the cable; i.e., the cable starts to really suck.

When a fiber cable bends too sharply, the light passing through it no longer makes the turn. Light stays inside the core of a fiber because it hits the boundary between core and cladding at a shallow enough angle to be reflected back in. Bend the fiber too tightly and the light hits that boundary too steeply; instead of reflecting it escapes into the cladding or is absorbed by the cable, and either way it never reaches the far end.

Cap Your Connectors

Fiber cables aren't cheap, and the tips of the connectors can easily get damaged, smudged, etc., so put a cap on those babies. Because light travels through these cables, minor things can cause big problems: touching the tip of the connector with your finger, or letting dust settle on it. Dust, finger oil, and the like all cause the light leaving the patch cable to reflect and refract, causing loss and making the cable less efficient or unusable.

Don’t Strap Too Tight

When you secure a fiber cable to another cable, a cable tray, etc., make sure you don't tighten the zip tie, velcro, twist tie, or whatever you're using too much. Over-tightening the strap applies pressure to the cable that can cause the glass inside to warp or break, making it more prone to failure over time.

You want the cable to be secured reasonably snugly, but it should still slide through the strap without much force. If you have secured the fiber cable to the point where it will not slide back and forth through the strap, or the cable's jacket looks like it is being squeezed, then it is too tight.

Keep off of Sharp Angles/Edges


When installing fiber cable or dealing with extra slack, keep the cable from running over sharp edges like those of a table or shelf. The reason, once again, is that the glass may warp or break over time because of the pressure on the cable at the sharp edge. Believe it or not, the weight of the cable pressing against such a small point is enough to break or warp the glass inside to the point where it causes light loss or outright failure.

What is really going on here is a re-hash of the bend radius point above, just with a slightly different take. If you run a cable off the edge of a shelf, the bend radius may be fine... at first. But if that edge isn't properly rounded, the cable will sag and start to exceed the bend radius over time.

There are products out there that can help your cables in these situations. You can buy cable-management bend radius clips or cable "waterfall" accessories. Panduit is a quality (and sometimes expensive) company that manufactures these products. If you are just putting a switch on a shelf (<angry face>which I don't advise, but you may be doing it anyway</angry face>) you could use something like pipe insulation or a pool noodle on the edge of the shelf to keep the cable's bend radius correct.

Becomes More Brittle Over Time


Fiber-optic cable becomes stiffer and more brittle over time. I never thought about this when I first started working with fiber cabling, but in my experience it is true. I noticed that older cables, even if they were still in their packaging, were much stiffer than the newer cables and were just more prone to being broken.

You may notice, if you pull out a fiber cable that has been installed for a few years, that it will just hold the shape it was in from the time it was installed. The real lesson here is to be very careful around currently installed fiber cable and to move installed cabling around as little as possible.

Conclusion

To sum it all up, when handling fiber cable: don't bend it too tightly, don't squeeze it, keep the ends covered all the time, and (like cooking fish) don't poke it too much. Hope you found these few tidbits of information about fiber useful.

Last week, on March 2nd, 2013, the popular cloud-based filing cabinet service Evernote announced a system breach and required all of its users to reset their passwords. I'm an Evernote user and I'm happy with how Evernote dealt with their system being compromised. I want to highlight four non-technical things they did in response to this incident that should be kept in the back of your mind in case you ever have to handle the response to a breach like Evernote did. In a nutshell, they:

Erred on the side of security

Weren't shy, and announced the breach quickly

Sent a brief and informative email that didn't fall into spam-like behavior

Limited confusion by placing a notice about the breach front and center on their website

That is it! I'm setting the bar low here, but most companies fail in their responses to breaches like this. They misinform, delay, and hide. I commend Evernote for doing better than the rest.

Err On The Side Of Security

The Evernote breach gave attackers access to account names, email addresses, and encrypted (hashed and salted) passwords, but not to user data. Even though the passwords were not stored in the clear, Evernote required users to reset them. This may have been annoying to Evernote users, but it rightly errs on the side of security: once an attacker has a copy of the password store, hashed passwords can be attacked offline at leisure, and weak or reused passwords fall first.

This was very inconvenient for me! I use Evernote with some of my other cloud services, on smartphones, tablets, and multiple computers. I have to fix the password in all of those locations to get the applications working again, but it is worth it to know that my data is secure. I would want them to do it again if they had to.

Their Quick Announcement

When they noticed the compromise they went into action, dealt with the issue, and made a public announcement quickly. This gives them credibility and gives me confidence that they will let me know if something happens again in the future.

Informative But Not Spammy

I got two emails related to this event: one announcing the need to reset the password on my account, and one confirming that the password had been reset once I did it.

The email announcing the need to reset my password is partially displayed in the image at the beginning of the article. You can see that they explain the situation clearly and avoid the tech speak as much as possible. They also don't fall into the trap of "Click here to reset your password". They knew that if they did that they would be training their users to trust emails that ask you to do exactly that, and the next such email may not come from them at all but from a phisher. Can you get mad at your employees or clients for clicking a phishing link if your own messages keep sending them "change password" links? You are teaching them that it is okay to clickity, click-click-click...

The second email came after I reset my password. It announced that the password had been changed and gave me an opportunity to un-change it if I wasn’t the one who changed it in the first place, just in case the hacker got there first. Again, this instills confidence in me when it comes to their brand and the safety of my data.

Limited Confusion By Putting Proof on Their Page

On top of the email notification to their users about their decision to do a password reset on all accounts, Evernote also put the notice front and center on their main webpage. This is really part of not being ashamed and hiding. In the past, I’ve seen companies bury this information in a blog post, or in very small print under the login page. Here, Evernote shows they are more concerned about getting this right, securing your account, and informing you of the incident than they are about potentially scaring off new clients.

Conclusion

I know I come off all rosy toward Evernote in this article. My intent isn’t to bat my eyelashes at Evernote but rather to give them a pat on the back for the way they dealt with this crisis and to remind myself that I can learn from their behavior.

If you are ever in this unfortunate position do the right thing and don’t worry about PR. Keep your current clients safe and you will be better off long term. Security breaches happen, show people you can handle them without fear by quickly responding to the incident, announcing it clearly, eliminating confusion with a banner on your site and you will be rewarded for it.

What do you think? Did Evernote do the right thing? Was their response measured correctly or did they overstep?

Overview of the LAN

Example Network Topology

So, what is a LAN? A LAN, or local area network, is a collection of computers, various network-capable devices like printers and Xboxes, and all the things required to connect all this stuff together. This includes cabling, wireless access points, switches, routers, firewalls, and so on.

Normally, the LAN is restricted in size to something between a couple of computers connected in a room and all the stuff at a single location, even if that location is as large as a university campus.

Sometimes people will refer to the services that run on a LAN (like file and printer sharing, web servers, authentication, etc.) as the LAN itself. I think this is a misuse of the term, and that it is more useful, when designing and troubleshooting a network, to distinguish between the LAN and the services that run on it.

Related Terms

Here are some related terms used in the networking field that are similar to LAN, just to give you context for the term LAN.

When you need to talk about all the equipment that connects multiple sites together, it is normally called a WAN, or wide area network.

When you need to talk about a small network that connects, for example, your cell phone to its bluetooth headset, it is normally called a PAN, or personal area network.

If you are talking about the wireless part of your network it is called the WLAN, or wireless local area network.

If you are talking about multiple locations throughout a city that are networked together it is called a MAN, or metropolitan area network.

If you are talking about a bunch of storage devices that are all networked together to look like one large heap of storage it is called a SAN, or storage area network.

If you are talking about segments of a LAN that “virtually” cluster machines together even if they are geographically separated it is called a VLAN, or virtual local area network.

Parts and Pieces

Let’s talk a minute about the “all the things required to connect all this stuff together” part of a LAN. A LAN of any size has lots of hardware that links all the computers on the LAN together. Even your little setup at home will have each of these parts; they will just be at a smaller scale and, often, merged into one do-it-all device. In large environments each of the following is normally a specialized and separate device. The cliff-notes list of LAN parts and pieces is:

Switch

Router

Firewall

Wireless Access Point

Copper and Fiber Cabling

Of the devices listed above, the most common device in a LAN is going to be the network switch. The switch is what is on the other side of the network cable that you have in your office. If you are using wireless, the wireless access point your computer is talking to is then plugged into a switch. The switch is everywhere and is going to be a big part of networking for some time to come. For the interested, in another post I go into some detail on the difference between a router and a switch.

Topology

Just like with size, a LAN can come in many different shapes and layouts. There is the bus, star, ring, mesh, and others. About.com has a nice write up about these various topologies. I want to take this moment to focus on just one topology, the star.

The star topology is by far the most common layout you will find in computer networking today. In a star topology you have a hub and spoke layout, where client computers, Wii’s, Tivo’s, Apple TV’s, printers, whatever… are all connected directly to a central device. So, in this structure, every packet between your computer and your printer goes through the central device. The central device is most commonly a switch, but could also be a wireless access point, a firewall, another computer, whatever.

As a network grows you will need to create more stars and link those stars together by plugging the central part of one star into the central part of another. This “star of stars” structure is the form that most LANs take.

Further Reading

I also want to note that Wikipedia does a great job of covering all the details of what a LAN is and the history around local area networks. In this article I wanted to just give you the necessary information to get a basic operational answer to the “what is a LAN” question. If you want to know a little more about the history, less common network configurations, etc. check out the Wikipedia article.

I tossed this quick list together of ssh clients I’ve used on various modern operating systems. I hope you find it useful.

If there are any ssh clients I missed here that you like to use give the app a shout out in the comments.

Microsoft Windows XP, Vista, 7

PuTTY is the classic ssh application for Windows. It is free and works well. Once you have downloaded and run the application you will get a window that lets you create and store multiple profiles. So you can put in a username, ssh server IP, password, etc. Then you can save that setup and easily connect to another device running ssh.

Microsoft Windows 8

I haven’t used Windows 8 yet and don’t currently know of any ssh clients. If you know of one drop it in the comments and I’ll add it to the post.

Linux

The built-in Linux terminal is all you will need to access ssh and connect to a network device. If you are running your Linux system with a graphical user interface, you will be able to find the terminal listed in utilities or applications on most Linux systems. If you don’t have a graphical user interface on your system, the prompt that you have in front of you is the terminal application. To ssh using the terminal in Linux type “ssh <username>@<IP or DNS>”. It will look something like “ssh ryan@computernetworkbasics.com”.

Apple OS X

All versions of Apple OS X have a terminal application built-in called “Terminal” that has access to an ssh command. The terminal app is located in your applications folder inside the folder “Utilities”. Once you open the terminal window you can use ssh by typing “ssh <username>@<IP or DNS>”. It will look something like “ssh ryan@computernetworkbasics.com”.

My primary system has been an OS X computer for a few years now and I have grown familiar with Apple’s built-in terminal application. There are other terminal applications that you can get, like iTerm2, that add extra features like mouseless copy, instant replay, etc. But these features aren’t required for basic ssh capability. The built-in terminal application will work just fine for most.

Apple iOS and Google Android

There are a number of ssh clients available for Apple iOS and Google Android devices. I’ve used TouchTerm (iOS only) and ServerAuditor (iOS and Android) on my iPhone and have had good luck with these clients.

Why Enable SSH?

SSH on network switches is really just a replacement for telnet. SSH stands for “secure shell” and is a way of accessing the command line interface on numerous devices, including network switches, routers, firewalls, servers, and so on. Most managed network devices have a command line interface that is accessible through telnet or ssh because it is powerful, flexible, and minimizes the resources required for administration of the device.

SSH is very similar to telnet in its use, but it provides two key security features that telnet lacks: encryption and host verification. These two features go a long way in improving security.

Encryption

The encryption feature of ssh means that the traffic going to and from your switch is encrypted and is difficult to eavesdrop on. Even if an attacker was able to see the traffic, the data would be a meaningless jumble without the encryption key to decode it.

Verification

The host verification feature in ssh allows your computer to know that the switch you are trying to ssh into really is the switch you think it is and not some attacker pretending to be the switch. Any system running ssh will sign packets using its private key to prove it really is the device you think it is. When packets aren’t correctly signed your computer will throw an error warning you that it couldn’t verify the source.

A common attack against computer networks is the “man in the middle” attack. In this attack an attacker pretends to be the device you are trying to connect to so it can intercept your traffic. When you talk to the attacker, thinking it is your switch, the attacker can save the conversation while still forwarding your traffic on to the correct destination. By playing middle man in this way an attacker is able to capture your traffic, even if it’s encrypted traffic.

Quick Note on Verification

While we are on the topic of verification I want to make a quick note. The instructions below show you how to create a “self-signed” certificate on your switch. When you use a self-signed certificate you will get a warning the first time you log into the switch saying that the source cannot be verified. Tell your ssh application to remember this host and go ahead and connect to the switch.

Every time from that point on your application should know that it is your switch if it is signed in the same way. If you get that warning again either the ssh key on the switch has changed or there is an attacker doing a “man in the middle” attack. So just note that you can ignore the warning the first time when you are setting ssh up on your switch, but pay attention to the warning if you ever get it again!
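The first-time warning versus the changed-key warning is exactly the decision an ssh client makes against its known_hosts file. The following is an added example, not code from the original post or from any ssh client: it stores a switch host key on first connect, computes the OpenSSH-style SHA256 fingerprint you would compare against the one shown on the switch console, and classifies a later connection as unknown (first contact), matching, or mismatched (key regenerated, or someone in the middle). The ssh-ed25519 key blobs, the 192.168.1.1 address and the known_hosts line are all constructed for the example.

```python
import base64
import hashlib


def make_ed25519_blob(raw32: bytes) -> bytes:
    """Build an ssh-ed25519 public-key blob: two length-prefixed strings,
    the key type name and the 32-byte raw public key (constructed sample data)."""
    assert len(raw32) == 32
    keytype = b"ssh-ed25519"
    return (len(keytype).to_bytes(4, "big") + keytype
            + len(raw32).to_bytes(4, "big") + raw32)


# Constructed keys: A is what the switch presented on first connect,
# B is a different key (regenerated on the switch, or an impostor's).
SWITCH_KEY_A = make_ed25519_blob(bytes(range(32)))
SWITCH_KEY_B = make_ed25519_blob(bytes(range(32, 64)))


def fingerprint(blob: bytes) -> str:
    """OpenSSH-style fingerprint: SHA256 of the raw key blob, base64 without '=' padding.
    This is the value to compare against what the switch console shows you."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_known_hosts(text: str) -> dict:
    """Map host -> (keytype, blob) from known_hosts-style lines:
    'host keytype base64key [comment]'.  'host1,host2' on one line is allowed."""
    known = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) < 3:
            continue
        hosts, keytype, b64 = parts[0], parts[1], parts[2]
        for host in hosts.split(","):
            known[host] = (keytype, base64.b64decode(b64))
    return known


def check_host_key(known: dict, host: str, keytype: str, blob: bytes) -> str:
    """Classify the key a host just presented:
      'unknown'  first contact: the one-time warning; check the fingerprint
                 out of band, then remember the host
      'match'    same key as stored: connect silently
      'MISMATCH' stored key differs: the switch key was regenerated or there is
                 someone in the middle; do not log in until you know which"""
    if host not in known:
        return "unknown"
    stored_type, stored_blob = known[host]
    if stored_type == keytype and stored_blob == blob:
        return "match"
    return "MISMATCH"


# Constructed known_hosts: key A was accepted for the switch on first connect.
KNOWN_HOSTS = ("192.168.1.1 ssh-ed25519 "
               + base64.b64encode(SWITCH_KEY_A).decode() + " procurve-switch\n")


def demo() -> dict:
    """Run the three situations the text describes and return the verdicts."""
    known = parse_known_hosts(KNOWN_HOSTS)
    return {
        "first_connect": check_host_key({}, "192.168.1.1", "ssh-ed25519", SWITCH_KEY_A),
        "same_key": check_host_key(known, "192.168.1.1", "ssh-ed25519", SWITCH_KEY_A),
        "changed_key": check_host_key(known, "192.168.1.1", "ssh-ed25519", SWITCH_KEY_B),
        "fingerprint_a": fingerprint(SWITCH_KEY_A),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

The useful habit this models is writing down the fingerprint from the switch console (or `show crypto host-public-key` on the switch, where available) before the first ssh login, so that "unknown" is answered with a comparison rather than a reflexive yes, and "MISMATCH" after a planned key regeneration is expected while any other MISMATCH is investigated.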

HP SSH Configuration Outline

To enable ssh on HP ProCurve switches you will need to do the following.

Console or telnet to switch

Generate an ssh key

Enable ssh access

Verify ssh is working

Turn off telnet access (Optional but recommended)

Console or Telnet to Switch

Since SSH isn’t enabled on your switch yet you will need to access it using either telnet or console directly into the switch. If your switch isn’t connected to the network at all yet, then you will need to plug a serial port on your computer into the console port on your switch. If your switch is on the network then access it through telnet.

Generate an ssh Key

Once you are connected to your switch you will need to generate an ssh key that will be used to verify you are talking to the switch you think you are, as well as to encrypt the traffic going to and from your switch. To generate an ssh key on an HP ProCurve switch you have to go into global configuration mode and issue the generate key command.

! Enter global configuration mode
config t
! Generate the HP ssh key (do 2048 or higher)
crypto key generate ssh
! Save your changes
write memory

Enable ssh Access

Now that your switch has a key it can use to identify itself and to encrypt ssh traffic, you can turn ssh on. Issue the following commands to turn ssh on.

! Enter global configuration mode
config t
! Enable ssh
ip ssh

Verify ssh is Working

Before you disconnect your current session or save the changes you have made, I recommend using another application or terminal window to verify that you can actually connect to the switch using ssh. On Windows computers you will need a third-party application like PuTTY to connect to the switches using ssh. On Apple, Unix, or Linux computers you can use the built-in terminal to remotely access your switches through ssh. If you are new to ssh don’t worry, it isn’t very hard to use. It is similar to using telnet except rather than typing “telnet <switch IP here>” you type “ssh <username>@<switch IP here>”. Once you have verified that you can log in using ssh, then turn off telnet and save your work.

! ssh to the switch's network IP address
ssh manager@192.168.1.1
! When prompted, enter your password
! If you are shown the switch prompt, you're in!

If the switch gave you access and you can issue commands like “show run”, then you can turn off telnet access and save your changes.

Turn off Telnet Access

Now that you know ssh is working and know how to use it to access your switch you should turn off telnet. There is no reason to keep the insecure protocol running since ssh will replace telnet as your method of accessing the switch.

! Enter global configuration mode
config t
! Turn off telnet
no telnet-server
! Note: "telnet-server" turns telnet back on
! Save your changes
write memory
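Once the steps above have been done on more than a handful of switches, it is worth being able to check the end state from a saved “show run” rather than by logging into each one. The following is an added example, not code from the original post or from HP: it reads running-config text and reports whether ssh is enabled and telnet is off. The two sample configs are constructed, and the assumption (labelled in the code) is that a ProCurve running config shows the line `ip ssh` when ssh is enabled and `no telnet-server` when telnet has been turned off, with neither line present in the factory default of telnet on, ssh off.

```python
import re

# Constructed "show running-config" text in ProCurve style (assumed format,
# not captured from a real switch): factory-default management access,
# meaning telnet on and ssh off, so neither line appears.
SAMPLE_BEFORE = """\
Running configuration:

hostname "core-switch"
vlan 1
   name "DEFAULT_VLAN"
   untagged 1-24
   ip address dhcp-bootp
   exit
"""

# Constructed config after the procedure in the text has been completed.
SAMPLE_AFTER = """\
Running configuration:

hostname "core-switch"
no telnet-server
ip ssh
vlan 1
   name "DEFAULT_VLAN"
   untagged 1-24
   ip address 192.168.1.1 255.255.255.0
   exit
"""


def audit_mgmt_access(running_config: str) -> dict:
    """Summarise how the CLI can be reached, from running-config text.
    Assumes 'ip ssh' (optionally with arguments) marks ssh enabled and
    'no telnet-server' marks telnet disabled."""
    lines = [ln.strip() for ln in running_config.splitlines()]
    ssh_enabled = any(re.fullmatch(r"ip ssh( .*)?", ln) for ln in lines)
    telnet_disabled = "no telnet-server" in lines

    findings = []
    if not ssh_enabled:
        findings.append("ssh not enabled: 'crypto key generate ssh' then 'ip ssh'")
    if not telnet_disabled:
        findings.append("telnet still on: 'no telnet-server' once ssh login is verified")
    return {"ssh": ssh_enabled, "telnet": not telnet_disabled, "findings": findings}


def audit_fleet(configs: dict) -> dict:
    """Run the audit over {switch_name: config_text} and return only the
    switches that still need work, each with its findings."""
    return {name: result["findings"]
            for name, result in ((n, audit_mgmt_access(c)) for n, c in configs.items())
            if result["findings"]}


if __name__ == "__main__":
    fleet = {"before": SAMPLE_BEFORE, "after": SAMPLE_AFTER}
    for switch, findings in audit_fleet(fleet).items():
        print(switch)
        for f in findings:
            print("  -", f)
```

Extending this to other equipment means adding the equivalent lines for each vendor’s config syntax; the check itself stays the same: management service on, cleartext alternative off.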

Conclusion

Ssh is a much better solution than telnet for accessing your network equipment. Once it is set up you won’t notice a difference in your user experience and your network infrastructure will have an extra layer of security. So, if you haven’t already, go enable ssh on your network equipment right away.

Over the years I have found ssh to be reliable, simple, and effective on all kinds of equipment. I’ve used it on all kinds of devices including servers, switches, routers, firewalls, UPSs, and more.

What other equipment do you have on your network that could be moved to ssh?